3 matches found
Cisco Unity Connection Improper Access Control (cisco-sa-ucm-access-dMKvV2DY)
The version of Cisco Unity Connection installed on the remote host is 14.x prior to 14SU2. It is, therefore, affected by an improper access control vulnerability. An authenticated attacker with read-only privileges can exploit this vulnerability to perform a set of administrative actions they...
CVE-2022-20859
CVE-2022-20859 affects Cisco Unified Communications Manager (CUCM), Unified CM IM&P, and Cisco Unity Connection in the Disaster Recovery framework. Root cause: insufficient access control checks allowing an authenticated, read-only user to run a vulnerable command and perform administrative actio...
CVE-2022-20859
A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, and Cisco Unity Connection could allow an authenticated, remote attacker to perform certain administrative actions the...